FaceTime, acoustic cyber ‘noise,’ and building system worms were among the targets of resourceful white-hat hackers this year.
Hacks 2019- In a year punctuated by endless reports of leaky cloud storage buckets, firmware flaws, and the resurgence of ransomware into a full-blown epidemic, security researchers still found innovative hacks to keep one step ahead of cybercriminals and (maybe) nation-states.
They weaponized sound, hijacked building automation systems, and found security holes in the Boeing 787 airplane’s on-board network. Internet of Things devices and mobile apps continued to be a pathetically easy mark for vulnerability hunters, but it was an accidental finding by a 14-year-old Fortnite gamer that rocked the mobile sector: a flaw in Apple iOS’s Group FaceTime app that activated the microphone on an iPhone even if the user doesn’t answer the call.
And in a creepy but creative project on the defender side, security researchers teamed up with a jeweler to develop a wearable ring that stores a user’s “fingerprint” for authenticating to biometric systems.
So take a break from sifting through the false positives and stressing over the elusive needle in the haystack, and peruse some of the most creative hacks by security researchers that we covered this year on Dark Reading.
Grant Thompson was doing what many teenagers do when they game together online: the Tucson, Ariz., 14-year-old was getting his friends together for Fortnite on a group call, using Apple’s Group FaceTime feature. After trying to ring one friend via FaceTime who didn’t pick up and then adding a second friend to the call, he was able to hear the microphone of his first friend, even though the boy hadn’t picked up. He could hear the ringing sound on the first friend’s phone, he told NBC News.